The Agent Skills Directory

[Indirect Prompt Injection] (SAFE): The skill is designed to ingest and process untrusted HAR data captured from web browsers to facilitate API documentation. Evidence: 1. Ingestion points: scripts/har_utils.py and references/HAR_ANALYSIS.md provide logic to read external HAR files. 2. Boundary markers: The provided utility logic processes data as raw JSON for extraction. 3. Capability inventory: Results are used for API client generation and documentation summaries. 4. Sanitization: sanitize_method_name in scripts/har_utils.py uses regex ([^a-z0-9_]) to ensure generated Python identifiers are valid and safe.
[Dynamic Execution] (SAFE): The skill documentation describes generating Python API clients from templates based on analyzed traffic metadata. This is a primary function for its reverse-engineering purpose and does not involve executing arbitrary remote code.

reverse-engineering-api